honeypot-captcha 0.0.3 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 2dd95647b6ac0f214feeac282a66d4e683c87def
-  data.tar.gz: 75dba6af51866d8c4fb4bbd65039a2c77a9bc94e
+SHA256:
+  metadata.gz: 93a2779cd20a2bce72fbf2fe5b9998c9b0ba425581cd50446b909472963a4610
+  data.tar.gz: 2f49e4c15e9e209bf81f06571ab8b342a7bb91ba4d4a0245b55e7d2bcfa314e4
 SHA512:
-  metadata.gz: cc2c415f608f2cb8b914bb5d7362e7d3a9d750a877b3066617fe193216e1edb868ba8fa2bda78cf7f654db824d651829fc8f2e05f7c307e399902cb385ec05ec
-  data.tar.gz: a99e693dac0fd01e1e82214f4c5c4df5a018d8706c2131c2de64d58b7c44646c19fcaf2224c4ed5ee16b964fc7dc2bf9e7e57e56cbe5e700fb57e02f8a070807
+  metadata.gz: 9e541ea8ca330d5ef0eccf0a8db89153fb7c6086829f46523eb11cdbf0b17ff25ea4b33c55adf9d8603507433fd05ee64cdffd7a7ce304d78c7d5cb917eff617
+  data.tar.gz: 6df18e62d6a19d0ac04ec57d2e6ad54166b72b5b863e1bf4f4f6e991d496b9717d97a0bb9f3362f202686980b57b7f528decbf160e7879355bda3640682ee5e7

data/README.markdown

@@ -12,6 +12,10 @@ submitted with values. If they are, we assume that we encountered a spam bot.
 * [Honeypot Captcha by Phil Haack](http://haacked.com/archive/2007/09/11/honeypot-captcha.aspx)
 * [Stopping spambots with hashes and honeypots](http://nedbatchelder.com/text/stopbots.html)
 
+## Requirements
+
+* Rails >= 2.3.8
+
 ## Installation
 
 In your Gemfile, simply add
@@ -48,6 +52,14 @@ Simply specify that the form has a honeypot in the options hash:
       ...
     </form>
 
+### simple_form_for
+
+Simply specify that the form has a honeypot in the HTML options hash:
+
+    <%= simple_form_for Comment.new, :html => { :honeypot => true } do |form| -%>
+      ...
+    <% end -%>
+
 ### Protection for actions other than `create` and `update`
 
 If you are submitting a form to a non-RESTful action and require
@@ -55,7 +67,7 @@ honeypot protection, simply add the before filter for that action
 in your controller. For example:
 
     class NewsletterController < ApplicationController
-      prepend_before_filter :protect_from_spam, :only => [:subscribe]
+      prepend_before_action :protect_from_spam, :only => [:subscribe]
       ...
     end
 
@@ -71,6 +83,33 @@ add your own custom field names and values. For example:
       }
     end
 
+NOTE: `honeypot_fields` hash keys are used at the beginning of the generated HTML id attributes. The HTML 4.01 spec states that ids must start with a letter ([A-Za-z]), so be aware of this when creating the hash keys. HTML5 is much less strict.
+
+Override the `honeypot_string` method within `ApplicationController` to
+disguise the string that will be included in the honeypot name. For example:
+
+    def honeypot_string
+      'im-not-a-honeypot-at-all'
+    end
+
+Override the `honeypot_style_class` method within `ApplicationController` to
+provide a non-inline CSS class that will be applied to hide honeypot fields
+(if nil, the style will be applied inline). For example:
+
+    def honeypot_style_class
+      'display-none'
+    end
+
+... assigns an HTML class for styling purposes:
+
+    <div id="login_hp_1464171481" class="display-none">
+
+... which can be styled by a CSS style within app/assets/stylesheets:
+
+    .display-none {
+      display: none;
+    }
+
 ## Note on Patches/Pull Requests
 
 * Fork the project.
@@ -83,12 +122,21 @@ add your own custom field names and values. For example:
 Created by [Curtis Miller](http://millarian.com) of Velocity Labs, a
 [Ruby on Rails development company](http://velocitylabs.io).
 
+### Collaborators
+
+* [Dave Tapley](https://github.com/dukedave)
+
 ### Contributors
 
+Thank you to all contributors!
+
 * [Eric Saxby](http://github.com/sax)
 * [Bernard Grymonpon](https://github.com/wonko)
-* [Dave Tapley](https://github.com/dukedave)
+* [rchekaluk](https://github.com/rchekaluk)
+* [Sunny Ripert](https://github.com/sunny)
+* [RandieM](https://github.com/RandieM)
+* [Wayne Steven See](https://github.com/weynsee)
 
 ## Copyright
 
-Copyright (c) 2010 Curtis Miller. See LICENSE for details.
+Copyright (c) 2010-2019 Curtis Miller. See LICENSE for details.

data/VERSION

@@ -1 +1 @@
-0.0.3
+1.0.0

data/lib/honeypot-captcha.rb

@@ -6,14 +6,26 @@ module HoneypotCaptcha
       { :a_comment_body => 'Do not fill in this field' }
     end
 
+    def honeypot_string
+      'hp'
+    end
+
+    def honeypot_style_class
+      nil
+    end
+
     def protect_from_spam
       head :ok if honeypot_fields.any? { |f,l| !params[f].blank? }
     end
 
     def self.included(base) # :nodoc:
       base.send :helper_method, :honeypot_fields
+      base.send :helper_method, :honeypot_string
+      base.send :helper_method, :honeypot_style_class
 
-      if base.respond_to? :before_filter
+      if base.respond_to? :before_action
+        base.send :prepend_before_action, :protect_from_spam, :only => [:create, :update]
+      elsif base.respond_to? :before_filter
         base.send :prepend_before_filter, :protect_from_spam, :only => [:create, :update]
       end
     end

data/lib/honeypot-captcha/form_tag_helper.rb

@@ -4,33 +4,54 @@ module ActionView
     module FormTagHelper
       def form_tag_html_with_honeypot(options)
         honeypot = options.delete(:honeypot) || options.delete('honeypot')
-        html = form_tag_html_without_honeypot(options)
+        html     = form_tag_html_without_honeypot(options)
+
         if honeypot
-          captcha = "".respond_to?(:html_safe) ? honey_pot_captcha.html_safe : honey_pot_captcha
+          captcha = honey_pot_captcha
+
           if block_given?
             html.insert(html.index('</form>'), captcha)
           else
             html += captcha
           end
         end
+
         html
       end
-      alias_method_chain :form_tag_html, :honeypot
+      alias_method :form_tag_html_without_honeypot, :form_tag_html
+      alias_method :form_tag_html, :form_tag_html_with_honeypot
 
     private
 
       def honey_pot_captcha
-        html_ids = []
-        honeypot_fields.collect do |f, l|
-          html_ids << (html_id = "#{f}_hp_#{Time.now.to_i}")
-          content_tag :div, :id => html_id do
-            content_tag(:style, :type => 'text/css', :media => 'screen', :scoped => "scoped") do
-              "#{html_ids.map { |i| "##{i}" }.join(', ')} { display:none; }"
-            end +
-            label_tag(f, l) +
-            send([:text_field_tag, :text_area_tag][rand(2)], f)
+        honeypot_fields.collect do |key, value|
+          html_id = sanitized_html_id(key)
+
+          content_tag :div, { :id => html_id }.merge(style_attributes) do
+            style_tag(html_id) +
+            label_tag(key, value) +
+            send([:text_field_tag, :text_area_tag][rand(2)], key)
           end
-        end.join
+
+        end.join.html_safe
+      end
+
+      def sanitized_html_id(key)
+        "#{key}_#{honeypot_string}_#{Time.current.to_i + rand(999)}".gsub(/\]\[|[^-a-zA-Z0-9:.]/, "_")
+      end
+
+      def style_attributes
+        return {} if honeypot_style_class.blank?
+
+        { :class => honeypot_style_class }
+      end
+
+      def style_tag(html_id)
+        return '' if honeypot_style_class.present?
+
+        content_tag(:style, :type => 'text/css', :media => 'screen', :scoped => "scoped") do
+          "[id='#{html_id}'] { display:none; }".html_safe
+        end.html_safe
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: honeypot-captcha
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 1.0.0
 platform: ruby
 authors:
 - curtis
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-12 00:00:00.000000000 Z
+date: 2019-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -16,56 +16,56 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.8.0
+        version: '3.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.8.0
+        version: '3.8'
 - !ruby/object:Gem::Dependency
   name: rdoc
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.12'
+        version: '6.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.12'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: jeweler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: '2.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.1
+        version: '2.3'
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -111,8 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 3.0.2
 signing_key: 
 specification_version: 4
 summary: A simple way to add honeypot captchas to Rails forms